Attackers Hack PCM Inc. to Access to Client Files

A US-based cloud solutions provider, PCM Inc., has experienced what KrebsOnSecurity called a “digital intrusion,” which enabled hackers to access the email and file-sharing systems of some of the company’s clients.  

“Sources say PCM discovered the intrusion in mid-May 2019. Those sources say the attackers stole administrative credentials that PCM uses to manage client accounts within Office 365, a cloud-based file and email sharing service run by Microsoft Corp,” Krebs wrote. 

Krebs said it is unclear whether there is a link between the Wipro compromise and this latest incident at PMC. "As a bystander, it does seem possible that both the Wipro and PCM compromises are connected. As for the connection to Cloud Hopper, it is not surprising that Chinese groups are attacking the ISPs and cloud providers,” said Jonathan Oliveira, cyber-threat intelligence analyst at Centripetal.

“The growing trend of targeting employees who work at cloud providers makes plenty of sense because why would an attacking group want to waste time and resources brute-forcing when employees statistically offer the best avenue of approach into a network? These employees are increasingly becoming high-value targets and, in most cases, do not realize how valuable they are to an attacker,” Oliveira said, adding that investing in technology does little to defend against human behaviors. 

Financially motivated attackers go after the lowest-hanging fruit, and it’s no surprise that cyber-criminals are exploiting attacks that will reward them with fast cash, said Kevin Gosschalk, CEO, Arkose Labs. 

“The lasti ..

Support the originator by clicking the read the rest link below.